Vulnerability Description
A vulnerability has been found in SUKOHI Surpass and classified as critical. This vulnerability affects unknown code of the file src/Sukohi/Surpass/Surpass.php. The manipulation of the argument dir leads to pathname traversal. Upgrading to version 1.0.0 is able to address this issue. The patch is identified as d22337d453a2a14194cdb02bf12cdf9d9f827aa7. It is recommended to upgrade the affected component. VDB-217642 is the identifier assigned to this vulnerability.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Surpass Project | Surpass | < 1.0.0 |
Related Weaknesses (CWE)
References
- https://github.com/SUKOHI/Surpass/commit/d22337d453a2a14194cdb02bf12cdf9d9f827aaPatchThird Party Advisory
- https://github.com/SUKOHI/Surpass/releases/tag/1.0.0Release NotesThird Party Advisory
- https://vuldb.com/?ctiid.217642Permissions RequiredThird Party Advisory
- https://vuldb.com/?id.217642Permissions RequiredThird Party Advisory
- https://github.com/SUKOHI/Surpass/commit/d22337d453a2a14194cdb02bf12cdf9d9f827aaPatchThird Party Advisory
- https://github.com/SUKOHI/Surpass/releases/tag/1.0.0Release NotesThird Party Advisory
- https://vuldb.com/?ctiid.217642Permissions RequiredThird Party Advisory
- https://vuldb.com/?id.217642Permissions RequiredThird Party Advisory
FAQ
What is CVE-2015-10030?
CVE-2015-10030 is a vulnerability with a CVSS score of 5.5 (MEDIUM). A vulnerability has been found in SUKOHI Surpass and classified as critical. This vulnerability affects unknown code of the file src/Sukohi/Surpass/Surpass.php. The manipulation of the argument dir le...
How severe is CVE-2015-10030?
CVE-2015-10030 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-10030?
Check the references section above for vendor advisories and patch information. Affected products include: Surpass Project Surpass.